- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Over the past three years digital rights management and enterprise rights management have gained attention because of copyright issues involving digital media and leakage of sensitive data. Unfortunately, the terms are often used interchangeably even though they mean different things.
DRM and ERM share common technical concepts, such as encryption to control access to data and application- or device-level functionality to control usage. But DRM focuses on securing static content tied to a per-user access and usage license, while ERM focuses on controlling dynamic content tied to a business process that users may come in and out of on a regular basis. ERM enables companies to extend security to third-party partners, suppliers and customers.
Here are a few more key differences:
• Content monetization vs. life-cycle control: DRM restricts the access and use of digital files; its business problem is optimal monetization of digital content while protecting the interests of copyright holders.
Today, this content is in the form of music and video files. The goal is to restrict content access to its owner, which is an individual consumer. By contrast, ERM controls access to and usage of electronic data in various formats such as word processor documents, spreadsheets,_e-mail, PDF files and CAD diagrams. ERM allows for persistent control of content (regardless of where or when access occurs) and enables an enterprise to control access to intellectual property or other confidential business information that needs to be secured for privacy, competitive or compliance reasons.
Unlike DRM, which tends to deal with static and published content (one song to one consumer), ERM focuses on controlling information throughout its life cycle, and that life cycle is often highly collaborative.
• The ecosystem and technical implementations differ: Both approaches include the notion of a policy server in which rights are defined, an encryption mechanism that controls access to the data, and a software client or device that enforces the policy (which authenticated user has what rights based on content).
DRM tends to focus on the media format and device, with the two most common systems offered by Apple and Microsoft. Apple's FairPlay software is exclusively tied to the encrypted Advanced Audio Coding format, iPod media player and the iTunes online store. Microsoft is more open with Windows Media DRM in that it licenses components of the DRM platform to other vendors for use.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment